Update user group list web-service and role-list in Dtos (#763).

Change-Id: I8efd9226c61deead54a1b6953c10041758e90830
KorAP · Jul 17, 2024 · 57103a0 · 57103a0
1 parent c942eac
commit 57103a0
Show file tree

Hide file tree

Showing 8 changed files with 196 additions and 130 deletions.
diff --git a/src/main/java/de/ids_mannheim/korap/dto/UserGroupDto.java b/src/main/java/de/ids_mannheim/korap/dto/UserGroupDto.java
@@ -5,6 +5,7 @@
 import com.fasterxml.jackson.annotation.JsonInclude;
 
 import de.ids_mannheim.korap.constant.GroupMemberStatus;
+import de.ids_mannheim.korap.constant.PredefinedRole;
 import de.ids_mannheim.korap.constant.UserGroupStatus;
 import lombok.Getter;
 import lombok.Setter;
@@ -30,5 +31,5 @@ public class UserGroupDto {
     private List<UserGroupMemberDto> members;
 
     private GroupMemberStatus userMemberStatus;
-    private List<String> userRoles;
+    private List<PredefinedRole> userRoles;
 }
diff --git a/src/main/java/de/ids_mannheim/korap/dto/UserGroupMemberDto.java b/src/main/java/de/ids_mannheim/korap/dto/UserGroupMemberDto.java
@@ -3,6 +3,7 @@
 import java.util.List;
 
 import de.ids_mannheim.korap.constant.GroupMemberStatus;
+import de.ids_mannheim.korap.constant.PredefinedRole;
 import lombok.Getter;
 import lombok.Setter;
 
@@ -18,5 +19,5 @@
 public class UserGroupMemberDto {
     private String userId;
     private GroupMemberStatus status;
-    private List<String> roles;
+    private List<PredefinedRole> roles;
 }
diff --git a/src/main/java/de/ids_mannheim/korap/dto/converter/UserGroupConverter.java b/src/main/java/de/ids_mannheim/korap/dto/converter/UserGroupConverter.java
@@ -8,6 +8,7 @@
 import org.springframework.stereotype.Component;
 
 import de.ids_mannheim.korap.constant.GroupMemberStatus;
+import de.ids_mannheim.korap.constant.PredefinedRole;
 import de.ids_mannheim.korap.dto.UserGroupDto;
 import de.ids_mannheim.korap.dto.UserGroupMemberDto;
 import de.ids_mannheim.korap.entity.Role;
@@ -39,7 +40,7 @@ public UserGroupDto createUserGroupDto (UserGroup group,
         dto.setUserMemberStatus(userMemberStatus);
 
         if (roleSet != null) {
-            dto.setUserRoles(convertRoleSetToStringList(roleSet));
+            dto.setUserRoles(convertRoleToPredefinedRoles(roleSet));
         }
 
         if (members != null) {
@@ -51,7 +52,7 @@ public UserGroupDto createUserGroupDto (UserGroup group,
                 memberDto.setUserId(member.getUserId());
                 memberDto.setStatus(member.getStatus());
                 memberDto.setRoles(
-                        convertRoleSetToStringList(member.getRoles()));
+                        convertRoleToPredefinedRoles(member.getRoles()));
                 memberDtos.add(memberDto);
             }
             dto.setMembers(memberDtos);
@@ -63,8 +64,8 @@ public UserGroupDto createUserGroupDto (UserGroup group,
         return dto;
     }
 
-    private List<String> convertRoleSetToStringList (Set<Role> roleSet) {
-        List<String> roles = new ArrayList<>(roleSet.size());
+    private List<PredefinedRole> convertRoleToPredefinedRoles (Set<Role> roleSet) {
+        List<PredefinedRole> roles = new ArrayList<>(roleSet.size());
         for (Role r : roleSet) {
             roles.add(r.getName());
         }

diff --git a/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java b/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
@@ -7,6 +7,7 @@
 import org.springframework.stereotype.Controller;
 
 import de.ids_mannheim.korap.constant.OAuth2Scope;
+import de.ids_mannheim.korap.constant.PredefinedRole;
 import de.ids_mannheim.korap.dto.UserGroupDto;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.oauth2.service.OAuth2ScopeService;
@@ -240,7 +241,7 @@ public Response inviteGroupMembers (
     public Response editMemberRoles (@Context SecurityContext securityContext,
             @PathParam("groupName") String groupName,
             @FormParam("memberUsername") String memberUsername,
-            @FormParam("roleId") List<Integer> roleIds) {
+            @FormParam("roleId") List<PredefinedRole> roleIds) {
         TokenContext context = (TokenContext) securityContext
                 .getUserPrincipal();
         try {
@@ -274,14 +275,14 @@ public Response editMemberRoles (@Context SecurityContext securityContext,
     public Response addMemberRoles (@Context SecurityContext securityContext,
             @PathParam("groupName") String groupName,
             @FormParam("memberUsername") String memberUsername,
-            @FormParam("roleId") List<Integer> roleIds) {
+            @FormParam("roleId") List<PredefinedRole> roles) {
         TokenContext context = (TokenContext) securityContext
                 .getUserPrincipal();
         try {
             scopeService.verifyScope(context,
                     OAuth2Scope.ADD_USER_GROUP_MEMBER_ROLE);
             service.addMemberRoles(context.getUsername(), groupName,
-                    memberUsername, roleIds);
+                    memberUsername, roles);
             return Response.ok("SUCCESS").build();
         }
         catch (KustvaktException e) {

diff --git a/src/main/resources/db/test/V3.1__insert_virtual_corpus.sql b/src/main/resources/db/test/V3.1__insert_virtual_corpus.sql
@@ -1,8 +1,8 @@
 -- dummy data only for testing
 
 -- user groups
-INSERT INTO user_group(name,status,created_by,created_date) 
-	VALUES ("marlin-group","ACTIVE","marlin",CURRENT_TIMESTAMP);
+--INSERT INTO user_group(name,status,created_by,created_date) 
+--	VALUES ("marlin-group","ACTIVE","marlin",CURRENT_TIMESTAMP);
 
 --INSERT INTO user_group(name,status,created_by,created_date) 
 --	VALUES ("dory-group","ACTIVE","dory",CURRENT_TIMESTAMP);

diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java
@@ -31,7 +31,7 @@
 /**
  * @author margaretha
  */
-public class UserGroupControllerTest extends SpringJerseyTest {
+public class UserGroupControllerTest extends UserGroupTestBase {
 
     @Autowired
     private UserGroupMemberDao memberDao;
@@ -60,73 +60,11 @@ private void deleteGroupByName (String groupName) throws KustvaktException {
         assertEquals(Status.OK.getStatusCode(), response.getStatus());
     }
 
-    // dory is a group admin in dory-group
-    @Test
-    public void testListDoryGroups () throws KustvaktException {
-        Response response = target().path(API_VERSION).path("group").request()
-                .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
-                        .createBasicAuthorizationHeaderValue("dory", "pass"))
-                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
-        String entity = response.readEntity(String.class);
-        // System.out.println(entity);
-        assertEquals(Status.OK.getStatusCode(), response.getStatus());
-        JsonNode node = JsonUtils.readTree(entity);
-        JsonNode group = node.get(1);
-        assertEquals(2, group.at("/id").asInt());
-        assertEquals(group.at("/name").asText(), "dory-group");
-        assertEquals(group.at("/owner").asText(), "dory");
-        assertEquals(3, group.at("/members").size());
-    }
-
-    // nemo is a group member in dory-group
-    @Test
-    public void testListNemoGroups () throws KustvaktException {
-        Response response = target().path(API_VERSION).path("group").request()
-                .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
-                        .createBasicAuthorizationHeaderValue("nemo", "pass"))
-                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
-        String entity = response.readEntity(String.class);
-        assertEquals(Status.OK.getStatusCode(), response.getStatus());
-        // System.out.println(entity);
-        JsonNode node = JsonUtils.readTree(entity);
-        assertEquals(2, node.at("/0/id").asInt());
-        assertEquals(node.at("/0/name").asText(), "dory-group");
-        assertEquals(node.at("/0/owner").asText(), "dory");
-        // group members are not allowed to see other members
-        assertEquals(0, node.at("/0/members").size());
-    }
-
-    // marlin has 2 groups
-    @Test
-    public void testListMarlinGroups () throws KustvaktException {
-        Response response = target().path(API_VERSION).path("group").request()
-                .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
-                        .createBasicAuthorizationHeaderValue("marlin", "pass"))
-                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
-        String entity = response.readEntity(String.class);
-        assertEquals(Status.OK.getStatusCode(), response.getStatus());
-        JsonNode node = JsonUtils.readTree(entity);
-        assertEquals(2, node.size());
-    }
-
-    @Test
-    public void testListGroupGuest () throws KustvaktException {
-        Response response = target().path(API_VERSION).path("group").request()
-                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
-        String entity = response.readEntity(String.class);
-        JsonNode node = JsonUtils.readTree(entity);
-        assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
-        assertEquals(StatusCodes.AUTHORIZATION_FAILED,
-                node.at("/errors/0/0").asInt());
-        assertEquals(node.at("/errors/0/1").asText(),
-                "Unauthorized operation for user: guest");
-    }
-
     @Test
     public void testCreateGroupEmptyDescription ()
             throws ProcessingException, KustvaktException {
         String groupName = "empty_group";
-        Response response = testCreateUserGroup(groupName, "");
+        Response response = createUserGroup(groupName, "", username);
         assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
         deleteGroupByName(groupName);
     }
@@ -140,19 +78,6 @@ public void testCreateGroupMissingDescription ()
         deleteGroupByName(groupName);
     }
 
-    private Response testCreateUserGroup (String groupName, String description)
-            throws ProcessingException, KustvaktException {
-        Form form = new Form();
-        form.param("description", description);
-        Response response = target().path(API_VERSION).path("group")
-                .path("@" + groupName).request()
-                .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
-                        .createBasicAuthorizationHeaderValue(username, "pass"))
-                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
-                .put(Entity.form(form));
-        return response;
-    }
-
     private Response testCreateGroupWithoutDescription (String groupName)
             throws ProcessingException, KustvaktException {
         Response response = target().path(API_VERSION).path("group")
@@ -196,7 +121,7 @@ public void testCreateGroupNameTooShort ()
     public void testUserGroup () throws ProcessingException, KustvaktException {
         String groupName = "new-user-group";
         String description = "This is new-user-group.";
-        Response response = testCreateUserGroup(groupName, description);
+        Response response = createUserGroup(groupName, description, username);
         assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
         // same name
         response = testCreateGroupWithoutDescription(groupName);
@@ -212,12 +137,10 @@ public void testUserGroup () throws ProcessingException, KustvaktException {
         assertEquals(username, node.at("/members/0/userId").asText());
         assertEquals(GroupMemberStatus.ACTIVE.name(),
                 node.at("/members/0/status").asText());
-        assertEquals(PredefinedRole.VC_ACCESS_ADMIN.name(),
-                node.at("/members/0/roles/1").asText());
-        assertEquals(PredefinedRole.USER_GROUP_ADMIN.name(),
-                node.at("/members/0/roles/0").asText());
+        assertEquals(6,  node.at("/members/0/roles").size());
+
         testUpdateUserGroup(groupName);
-        testInviteMember(groupName);
+        testInviteMember(groupName, username, "darla");
         testDeleteMemberUnauthorized(groupName);
         testDeleteMember(groupName);
         testDeleteGroup(groupName);
@@ -228,7 +151,7 @@ public void testUserGroup () throws ProcessingException, KustvaktException {
     private void testUpdateUserGroup (String groupName)
             throws ProcessingException, KustvaktException {
         String description = "Description is updated.";
-        Response response = testCreateUserGroup(groupName, description);
+        Response response = createUserGroup(groupName, description, username);
         assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
         JsonNode node = retrieveUserGroups(username);
         assertEquals(1, node.size());
@@ -396,27 +319,15 @@ public void testDeleteGroupOwner ()
                 "Operation 'delete group owner'is not allowed.");
     }
 
-    private void testInviteMember (String groupName)
+    private void testInviteMember (String groupName, String invitor,
+            String invitee)
             throws ProcessingException, KustvaktException {
-        Form form = new Form();
-        form.param("members", "darla");
-        Response response = target().path(API_VERSION).path("group")
-                .path("@" + groupName).path("invite").request()
-                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
-                .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
-                        .createBasicAuthorizationHeaderValue(username, "pass"))
-                .post(Entity.form(form));
-        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        inviteMember(groupName, invitor, invitee);
         // list group
-        response = target().path(API_VERSION).path("group").request()
-                .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
-                        .createBasicAuthorizationHeaderValue(username, "pass"))
-                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
-        String entity = response.readEntity(String.class);
-        JsonNode node = JsonUtils.readTree(entity);
+        JsonNode node = listUserGroup(invitor);
         node = node.get(0);
         assertEquals(2, node.get("members").size());
-        assertEquals(node.at("/members/1/userId").asText(), "darla");
+        assertEquals(node.at("/members/1/userId").asText(), invitee);
         assertEquals(GroupMemberStatus.PENDING.name(),
                 node.at("/members/1/status").asText());
         assertEquals(0, node.at("/members/1/roles").size());
@@ -435,8 +346,8 @@ private void testInviteDeletedMember ()
         assertEquals(Status.OK.getStatusCode(), response.getStatus());
         // check member
         JsonNode node = retrieveUserGroups("marlin");
-        assertEquals(2, node.size());
-        JsonNode group = node.get(1);
+        assertEquals(1, node.size());
+        JsonNode group = node.get(0);
         assertEquals(GroupMemberStatus.PENDING.name(),
                 group.at("/userMemberStatus").asText());
     }
@@ -537,29 +448,23 @@ public void testInviteMemberToDeletedGroup ()
     // marlin has GroupMemberStatus.PENDING in dory-group
     @Test
     public void testSubscribePendingMember () throws KustvaktException {
-        Response response = target().path(API_VERSION).path("group")
-                .path("@dory-group").path("subscribe").request()
-                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
-                .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
-                        .createBasicAuthorizationHeaderValue("marlin", "pass"))
-                .post(Entity.form(new Form()));
-        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        createDoryGroup();
+        testInviteMember(doryGroupName, "dory", "marlin");
+        subscribe("@"+doryGroupName, "marlin");
+
         // retrieve marlin group
         JsonNode node = retrieveUserGroups("marlin");
-        // System.out.println(node);
-        assertEquals(2, node.size());
-        JsonNode group = node.get(1);
-        assertEquals(2, group.at("/id").asInt());
+        assertEquals(1, node.size());
+        JsonNode group = node.get(0);
         assertEquals(group.at("/name").asText(), "dory-group");
         assertEquals(group.at("/owner").asText(), "dory");
         // group members are not allowed to see other members
         assertEquals(0, group.at("/members").size());
         assertEquals(GroupMemberStatus.ACTIVE.name(),
                 group.at("/userMemberStatus").asText());
-        assertEquals(PredefinedRole.VC_ACCESS_MEMBER.name(),
-                group.at("/userRoles/1").asText());
-        assertEquals(PredefinedRole.USER_GROUP_MEMBER.name(),
-                group.at("/userRoles/0").asText());
+
+        System.out.println(node.toPrettyString());
+        assertEquals(2, group.at("/userRoles").size());
         // unsubscribe marlin from dory-group
         testUnsubscribeActiveMember("dory-group");
         checkGroupMemberRole("dory-group", "marlin");
@@ -658,7 +563,7 @@ private void testUnsubscribeActiveMember (String groupName)
                 .delete();
         assertEquals(Status.OK.getStatusCode(), response.getStatus());
         JsonNode node = retrieveUserGroups("marlin");
-        assertEquals(1, node.size());
+        assertEquals(0, node.size());
     }
 
     private void checkGroupMemberRole (String groupName,